Miggo Logo
Miggo Vulnerability Database
GHSA-xcf7-rvmh-g6q4

GHSA-xcf7-rvmh-g6q4: `openssl` `X509VerifyParamRef::set_host` buffer over-read

N/A

CVSS Score

Basic Information

CVE ID
-
GHSA ID
GHSA-xcf7-rvmh-g6q4
EPSS Score
-
CWE
-
Published
6/21/2023
Updated
6/21/2023
KEV Status
No
Technology
TechnologyRust

Technical Details

CVSS Vector
-
Package NameEcosystemVulnerable VersionsFirst Patched Version
opensslrust>= 0.10.0, < 0.10.550.10.55

Vulnerability Intelligence
Miggo AIMiggo AI

Miggo AIRoot Cause Analysis

The vulnerability stems directly from the set_host implementation handling string inputs. The Valgrind trace shows strlen() being called on invalid memory when passed an empty string, and the GitHub PR #1968 fixes this by converting to CString first. The function's pre-patch code directly used &str's raw pointer without ensuring NUL-termination, making it the clear vulnerable entry point.

Vulnerable functions

Only Mi**o us*rs **n s** t*is s**tion

WAF Protection Rules

WAF Rule

W**n t*is *un*tion w*s p*ss** *n *mpty strin*, `op*nssl` woul* *tt*mpt to **ll `strl*n` on it, r***in* *r*itr*ry m*mory until it r****** * NUL *yt*.

Reasoning

T** vuln*r**ility st*ms *ir**tly *rom t** `s*t_*ost` impl*m*nt*tion **n*lin* strin* inputs. T** V*l*rin* tr*** s*ows `strl*n()` **in* **ll** on inv*li* m*mory w**n p*ss** *n *mpty strin*, *n* t** *it*u* PR #**** *ix*s t*is *y *onv*rtin* to `*Strin*`